Table 33, Table 34 – Dell POWEREDGE M1000E User Manual
Page 196
156
Fabric OS Administrator’s Guide
53-1001763-02
IP Filter policy
7
TCP and UDP protocols are valid selections. Fabric OS v6.2.0 and later does not support
configuration to filter other protocols. Implicitly, ICMP type 0 and type 8 packets are always allowed
to support ICMP echo request and reply on commands like ping and traceroute. For the action, only
“permit” and “deny” are valid.
For every IP Filter policy, the two rules listed in
are always assumed to be appended
implicitly to the end of the policy. This ensures that TCP and UDP traffic to dynamic port ranges is
allowed, so that management IP traffic initiated from a switch, such as syslog, radius and ftp, is not
affected.
A switch with Fabric OS v6.2.0 or later will have a default IP Filter policy for IPv4 and IPv6. The
default IP Filter policy cannot be deleted or changed. When an alternative IP Filter policy is
activated, the default IP Filter policy becomes deactivated.
lists the rules of the default IP
Filter policy.
snmp
161
ssh
22
sunrpc
111
telnet
23
www
80
TABLE 33
Implicit IP Filter rules
Source address
Destination port
Protocol
Action
Any
1024-65535
TCP
Permit
Any 1024-65535
UDP
Permit
TABLE 34
Default IP policy rules
Rule number
Source address
Destination port
Protocol
Action
1
Any
22
TCP
Permit
2
Any
23
TCP
Permit
3
Any
897
TCP
Permit
4
Any
898
TCP
Permit
5
Any
111
TCP
Permit
6
Any
80
TCP
Permit
7
Any
443
TCP
Permit
9
Any
161
UDP
Permit
10
Any
111
UDP
Permit
11
Any
123
UDP
Permit
12
Any
600-1023
UDP
Permit
TABLE 32
Supported services (Continued)
Service name
Port number